The author is a Forbes contributor. The opinions expressed are those of the writer.

Loading ...

Loading ...

This story appears in the {{article.article.magazine.pretty_date}} issue of {{article.article.magazine.pubName}}. Subscribe

On September 23, 1780, three members of the New York militia intercepted a British spy carrying correspondence between Benedict Arnold, commander of the American garrison at West Point, and the head of British military forces in the colonies. The correspondence revealed General Arnold to be a traitor who had been sharing sensitive information with the enemy -- information that might enable the British to seize control of the strategic Hudson River Valley. Arnold had used his position as a trusted insider to undermine the patriot cause, and his peers in the Continental Army had unwittingly aided the general's treachery by ignoring numerous clues pointing to disloyalty.

Although Arnold's perfidy predated the invention of electronic media -- the first working telegraph appeared in the 1820s -- it set a precedent for later traitors. Trusted insiders who use their access to sensitive information in ways damaging to the national interest have become a chronic security concern. During the 1940s, Manhattan Project insiders helped Russia obtain the secrets of the atomic bomb. In the 1960s, Navy chief warrant officer John Walker began an 18-year career as a spy, sharing information about secret codes, ballistic-missile submarines and other sensitive matters with the Soviet Union. In the 1980s and 1990s, CIA counter-intelligence officer Aldrich Ames revealed the identities of U.S. agents to the Russians, as did another CIA insider, Edward Lee Howard. FBI special agent Robert Philip Hanssen was later discovered to be doing the same thing.

And those are just the traitors who were caught. There were probably other insiders mining government databases and passing on secret documents to countries like Russia and China who were never detected. The more recent cases of Army private Bradley Manning and NSA contract worker Edward Snowden may seem different because they sought to share their secrets with the world, but counter-intelligence experts have long known that insiders betray their country for a variety of motives. Some are motivated by money, some by ideology, some by ego. Some are being blackmailed or coerced. For instance, the Manhattan Project insiders who helped Russia get the bomb professed high-minded motives similar to those Snowden now cites.

Edward Snowden is far from unique in American history. (Retrieved from http://blogs-images.forbes.com/lorenthompson/files/2014/04/edward_snowden_2013-10-9_1.jpg)

Whatever the motives, it is clear there has been a persistent pattern of government insiders compromising sensitive information from the earliest days of the Republic. What has changed are the tools now available to such people for exfiltrating vast amounts of data without being noticed until serious damage is done. It was common in earlier times for wayward insiders to be caught as they surreptitiously transported information to locations where it could be handed over to enemy agents, but no such subterfuge is necessary today because everything that matters is digitized. There are many, many ways of moving digital data around. So the government confronts the nightmare of a persistent danger being greatly exacerbated by new technology. What to do?

First, the government -- particularly the Department of Defense -- needs to acknowledge the priority of containing insider threats to the security of sensitive data, and recognize that coping with trusted insiders gone wrong is a very different challenge from keeping outsiders at bay. Second, federal agencies need to license whatever off-the-shelf products are available that can block the transfer of sensitive data to unregistered devices or unapproved users; they shouldn't waste time waiting for the perfect solution, because too much is at risk. Third, the agencies that have the most experience in keeping tabs on insiders, like the FBI and TSA, need to help other federal organizations understand how to uncover the subtle clues revealing bad intent on the part of trusted insiders. Until those three things have been done, Washington will not begin to get a handle on the problem.